Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

Julie188 writes "The sales pitch was that IPv6, with its zillions of new IP addresses, would eliminate the need for network address translation altogether. But Jeff Doyle, one of the guys who literally wrote the book on IPv6, suggests that not only will NAT be needed, but it will be needed to save IPv4 at the tipping point of IPv6 adoption. 'I've written previously that as we make the slow — and long overdue — transition from IPv4 to IPv6, we will soon be stuck with an awkward interim period in which the only new globally routable addresses we can get are IPv6, but most public content we want to reach is still IPv4. Large Scale NAT (LSN, also known as Carrier Grade NAT or CGN) is an essential tool for stretching a service provider's public IPv4 address space during this transitional period.'"

Of course it could fit most people needs who, by the way, don't even know what having a unique IPv4 address means, forget about knowing what a fixed IP address is. My only concerns would be towards people hosting services, even if they only host a gaming server.

Before getting a fixed IP address, I remember using services like dyndns before I setup my own private dyndns server on a fixed IP address server that I had access to. I could always reach my system even if it changed address every 6 hours on the first dialup provider I registered to back then.

So yes, it could, my only concerns is that it may cause prices to have a unique address or a fixed address to rise.

Large scale or ISP wide NAT is part of the solution. It will not "save" IPv4, whatever that means. It will make it possible to transition to IPv6 and still access all the old sites, that have not yet made the transition.

It is not really important that slashdot.org is still IPv4 only. You can access it just fine. And slashdot.org has no need to access you.

You use IPv6 in all the cases where you wanted that nice static IPv4 address before: When running peer to peer software. Setting up your small hobby server. Using direct peer to peer VoIP. And so on.

All the consumer ISPs will transition soon enough during the next few years. We will fairly quickly be able to assume consumers will in fact be able to access IPv6 only sites. For the next 10 years you can also assume consumers will be able to access IPv4 only sites - is anyone really surprised by that?

If all your gaming friends got IPv6, playing on your private IPv6 only game server - what do you care that some backwards dialup only ISP, in a country you never heard of, still is IPv4 only?

As far as I know, Slashdot does a short port scan on your IPv4 address when you preview or post a comment in order to make sure that your machine isn't an open proxy that might be abused for vandalism. That's why your first preview of the day from a given machine is so slow: it has to wait for the connections to time out.

You use IPv6 in all the cases where you wanted that nice static IPv4 address before: When running peer to peer software. Setting up your small hobby server.

In other words, things that cable and phone companies don't really want customers on the residential plan doing in the first place, as explained in the terms of service.

If all your gaming friends got IPv6, playing on your private IPv6 only game server

By the time that happens in several years, you may have grown out of online gaming. Which of the current video game consoles supports IPv6?

As far as I know, Slashdot does a short port scan on your IPv4 address when you preview or post a comment in order to make sure that your machine isn't an open proxy that might be abused for vandalism. That's why your first preview of the day from a given machine is so slow: it has to wait for the connections to time out.

Let's think about this shall we. there are 64K port addresses if I am not mistaken. that's effectively two quads IF you used them optimally. for inside the nat there are only 3 quads x 3 prefixs (169,192, 10). SO that gives us a little bit more than 5.2 quads. But that assumes every nat in the stack does everything perfectly.

Now you might isn't that 5.2 quads worth of addresses? No because each computer is going to be using multiple ports.

The way CGN works is to spread multiple users across the same IP address. So forget about dyndns. Also forget about google maps, because it runs through ports like water, and TCP requires a 90-second timeout before releasing a port. Basically, CGN is a hack to cushion the blow, but it doesn't eliminate the need to switch to IPv6. You will like CGN a lot less than you like your present NAT.

A much better choice would be to go to NAT64. That way you get end-to-end connectivity for the hosts that do I

Absolutely. I don't understand why do dual-stack and NAT44 instead of giving customers IPv6 and NAT64.

I assume this is because the problem isn't just all those web servers on IPv4 addresses, but a significant number of end user applications that are not IPv6 aware. Unfortunately, if we allow them to avoid upgrading with NAT44 then we can confidently predict that apps won't get updated and you'll never be able to switch it off. It's human nature not to fix the problem until forced to.

Stop the madness. Give us ip6.
We (as a society) would gain so many productive hours without NAT and the shit that comes with it. (Portforwarding etc). We have the technology ready to go and give everything it's unique ip. Can we please use that tech? It's not like it's high-tech or to new to be implemented by now.

Nowadays, not that many people give. It is also pretty rare that corporations give to their customer base. As well, it is rare that governments give since in the end we are paying for every dime they spend.

So in the end, the most competitive solution will prevail. Read the cheapest one. If it is using a dual stack with natted IPv4 plus IPv6 well during the transition, this is what's going to happen.

I would sure enjoy having IPv6 fully deployed right now but I have to be realist.

Despite the efforts of ISPs and some institutions (heck even Comcast has an IPv6 pilot program) no significant number of end-users are going to turn on IPv6.

Nothing will happen until someone with enough clout decides to put a new "must have killer app" or free content out there and only allow IPv6 access to it.Then consumers might demand there equipment, OS and ISP support it. There's no money in that, so I'm not holding my breath.

Yeah, like that, but something more exclusive. As to what, well, you can pretty much freeload porn and music (well, "radio") with a clear conscience, and with minimal actual risk and a small level of ethical flexibility, movies as well.

I've also seen a HIT on mturk that pays out to establish a v6/v4 tunnel to a free provider. So at least there is something around to nudge the technically adept to get hooked up. Don't know how they are funded.

I don't think non-networking guys really understand the harm that NAT/PAT/masq has done.

I am talking economic damage. NAT has cost you money. It's cost you a LOT of money. It cost your company money. It cost everyone who uses computer an ASS LOAD OF MONEY totally wasted on a cheap hack to get around the fact that we needed a better addressing system.

All the wasted software time which talented people worked for, and NAT is just a work-around.

All of the needless hardware and software implementations related to NAT.

Anyone who runs a large Cisco PIX/ASA platform can bemoan the number of statics needed between network interfaces.

Think about the apps that had a really hard time working because of NAT. The games that could not peer-to-peer because both sides were behind NAT.

Think about all of the companies that have multiple DNS views -- inside, and then public. That's a ton of extra work.

Best thing of all that I look forward to in IPv6 is... the idiots that it will wring out of the IT/comp-sci sector. Idiot sysadmins that label their servers with IPv4 addresses, idiot programmers who won't learn IPv6 and will get the boot to the curb that they have long deserved.

If you can't handle it, GTFO lamers. You don't need to know your workstation's IP address -- you need to know it's hostname and how to use DNS. I can't tell you the number of places I've worked at where people hard-code IP addresses into config files and the damage that it has caused, along with labeling servers/printers/whatever with their IPv4 address.

Mod parent up. If you've had to deal with any sort of reasonably larged sized network and NAT, everything he mentions above is a huge pain in the ass. Relying on NAT as a "firewall" is brain damaged anyway, and those who tihnk NAT needs not processing ability compared to a proper firewall are deluded. Every single packet needs to be looked up against the NAT state table, so even though you don't have any real firewall rules, processing is still going on.

Me too. I look forward to having no NAT and changing the IPs in my internal network every time I use a different ISP.

"Hmm, my internet connection failed, better connect the backup one. OK, now this ISP gives me xxx:yyy:zzz:xxyz::0 IP, so I now have to go and change the addresses of all my PCs, since they won't be able to access the internet. If only there could be some way to keep the internal IPs constant..."

Currently, the internal IPs of my computers do not depend on which ISP I am connected to.

Currently, the internal IPs of my computers do not depend on which ISP I am connected to.

Actually IPv6 interfaces can, nay MUST, allow multiple address assignments. So in an all IPv6 world, each of your computers will have an ISP-dependent (publically routable) address, as you say. But, they will each ALSO have a locally assigned, non-routable ("site-local") address that you can use as an unchanging address on your LAN.

Plus, with IPv6 router solicitation/advertisement and/or DHCPv6, even the case of updating machines with new ISP-dependent addresses is not the onerous task you make it out to be

If you have carrier redundancy, the IP6 stack can/will have *both* sets of IPs active at once, and you decide which gets used outgoing at the router. IPv6 actually includes multi-homing, unlike IPv4....

Your rant would be more compelling if your list didn't consist of "software time", "software, salaries, time", "software" (yes, again), "time setting it up (as if setting up a proper firewall ruleset was any less cumbersome)", and "games". Yes, games. Economic damage indeed.

Look, NAT isn't ideal. I'll grant that. IPv6 is right. But I'd like to point out something. If NAT is seriously as big a deal as you make it out to be, that's man-hours that kept someone employed. Software houses employ people to work in projects that need doing. Working around network realities/idiosyncrasies needs to be done. Remove those realities and the rampaging hordes you envision writing NAT code won't just get a memo saying "hey, we were going to have you work on this uber useful productive project but didn't because you were working on that NAT code but now that it's gone, you're a productive member of society again!"

There's some hyperbole in my post, but the point is clear. At my office we have a phrase, "scripting yourself out of a job". There are a lot of repetitive tasks like new user creation that I'm often tempted to script to save myself (billable) time. Sadly, when everything I do is scripted, I'm not needed. Anyone can punch in values and routine tasks are out of my hands. All that's left is sitting around waiting for something to go wrong. I can't charge for that. That being said, there's an ethical fine line between predatory billing - which we don't ever do - and scripting myself out of a job.

Point is the economic "impact" of NAT isn't something that's worth talking about. If anything it employ[s/ed] people.

Remove the BS in dealing with NAT and we can move onto solving other more important problems. keeping broken shit to keep people employed reinventing the wheel is not productive - and essentially productivity is what provides human advancement. if we're wasting time dealing with brain damage just to maintain teh status quo, then why bother? I know this is government strategy for maintaining jobs, but it shouldn't be.

If NAT is seriously as big a deal as you make it out to be, that's man-hours that kept someone employed.

Classic example of the broken window fallacy [wikipedia.org]. Are you really saying we should prefer one protocol over another because it employs more sysadmins and developers in activities that would otherwise be unnecessary? Continuing this line of reasoning, we should abolish protocols such as DHCP and require manual configuration of all machines.

Well, I can't say to MS you have to implement this. And lets be fair here... Support for XP has stopped, it's an old OS. Making such a transition as this will never be easy. There will always be systems that will need to be upgraded or where you maybe have to find a solution as simple like a usb-networkdongle that does have hardware support for ip6. But sure, you have a valid point. Some people with old software/hardware will have problems with this transition.

err windows xp does have ipv6 support but its not installed by default (in fact has had it since XP sp2)now it may not have all the bells and whistles of say Vistas support (if anything can be supported by Vista) but you should at least be able to get an IP and get online.

What about all the commodore c64 owners out there? XP is a turd that needs to be dropped. It is out of date, insecure and unsupported. If you don't like Windows 7, then change to something else - there are plenty of viable alternatives.

The my internet comment was facetious, but in my experience most of the XP holdouts are clueless and by and large the major component of the botnets launching DOSes that I have to deal with day in day out.

My main point is that technology moves on. The C64 died, the Amiga died, Windows 98 died, etc. Bringing the future of the internet to a halt because of some tight-arse fucktards who don't want to get off some antiquated insecure OS is going to be a net LOSE for everybody.

And NAT is the bomb. It is the best kind of firewall you can have - ie one that doesn't slow down your computer with bloatware. It really is not difficult to forward a router.

No, it's not. The best kind of firewall you can have is a firewall -- which can also be done on your router device, so that it "doesn't slow down your computer with bloatware".

The part I don't like about it though, is the addresses.
How easy is it to remember 192.168.2.31 compared to 2001:0db8:ac10:fe01:0000:00000:00000:0000?

If you don't like that address, why did you pick it? For a start, redundant zeros are redundant, so write 2001:db8:ac10:fe01::. Secondly, you are assigned a/48, meaning you can pick the rest of the bits freely. If you didn't want to remember it, why did you pick fe01 instead of, say, 0, letting you write 2001:db8:ac10::?

And in case you hadn't noticed, 2001:db8:ac10:: is shorter than the IPv4 equivalent, where you have to remember both 192.168.2.31 and your external address, 192.0.2.172. What's the problem with IPv6 again?

Tell me again, how is this transition supposed to work if a good 50% of equipment doesn't support IPv6?

Even if all these devices actually did support IPv6, why would I want them on publicly accessible IP addresses? The truth is, IPv6 hasn't taken off because really there is no huge need for it. Private networks (and there is gobs of IP space for those) are the norm, and in 90% of cases are more than acceptable with a device doing NAT to the rest of the world.

There is nothing stopping people having both public and private IPs (like I have) for things that don't behave behind NAT. That is unless your ISP won't give you addresses....

Because they're globally unique. You'll never have a conflict of address when you start doing business with other entities with large networks or because the hotel just so happens to be using the same private addresses as a network you're trying to make a VPN connection to from your laptop.

And just because they're public addresses doesn't mean they're publicly accessible.

You have the X-307 model toaster too? With bluetooth capability so you can connect it to your headset and it can soothingly whisper to you when your toast is done, and is always connected to the main toast making database so that it always knows just how long to perfectly cook toast, bagels, english muffins, waffles, etc. and has a tri scanning array so it knows exactly what you put in it every time and can auto toast so you don't even have to push down on the button to start toasting, and then when its all done it gently rises the finished product up instead of shooting it up.

It has never been "this year", but it *will* be in the next two years, probably next year, at the Registry level. Existing ISPs already have their pools of addresses they can continue using for sometime longer until those are depleted, and yes, NAT has kept this from happening a lot sooner, but lets not make the mistake the US did with the metric system and keep an archaic and broken system in place when life is so much easier (after the transition anyhow) if we switch.

Are you betting on the ipv4 space usage magically decreasing ( right when everyone will start freaking out about getting their last allocations )?

No no, there is always more to be found. That link of yours only show the _known_ reserves of addresses. They continue to find new fields of IP addresses and existing fields continue to find more than initially expected. This "peak IP" is never going to happen and you know it!

Haven't you heard? The IAB has known for decades that the default-free zone is continually making new IPv4 addresses as a natural function of the BGP protocol. The reason you've never heard about it is the evil telecom companies control the media and the NRO, and they don't want you to know the truth.

If you're a Qwest customer in Omaha like my inlaws, you get a non-routable from the head end... and the last time I was there, they did not support VPN passthrough (although IIRC you could pay extra for a routable dynamic IP if you wanted VPN to work).

I've had a business package at my home for years. Yeah, it costs me a few more dollars per month but I've always gotten higher speeds, better technical support, more email accounts (back in the day) AND a static IP address. I could even host my own web/email servers if I wanted to and I did in the past.

Why should I have to pay *EXTRA* for the full internet, and competent support?

Because the majority of people don't see the point of paying for the full Internet, and what little competition there is between cable and DSL forces the two to cut their rates to the point where they have to offer a half-Internet package.

at work we use NAT behind a whole public class B and it work great. But as a customer I would not put up with it. I want to act as a server not only a dumb host. So please stop the carrier grade nating madness.

at work we use NAT behind a whole public class B and it work great. But as a customer I would not put up with it. I want to act as a server not only a dumb host. So please stop the carrier grade nating madness.

I already need to either define a computer as DMZed or do port mapping, because of NAT. Just imagine the amount of head-scratching people will do when they find out there is another NAT in front of theirs preventing access to their subnet. If my ISP starts NATing, then its just confirmation that I nee

Of course, you might not be ABLE to switch carriers. If Time Warner were to put me behind NAT, I'd be pretty much screwed. I might be able to switch to some form of wireless connection, but that might not even be any better.

Of course, you might not be ABLE to switch carriers. If Time Warner were to put me behind NAT, I'd be pretty much screwed. I might be able to switch to some form of wireless connection, but that might not even be any better.

That would suck, though look on the bright side, in a worst case scenario you could probably get an IPv6 capable router and then tunnel to an IPv6 PoP. Its far from ideal, but at least you wouldn't be totally stuck on Time Warner's island.

Most P2P protocols have at least some trouble working with local NAT. If it was implemented on a large scale there might be a few more problems, and it certainly gives ISP's (the ones running the NAT) more control over the traffic they route. I wonder how quickly the RIAA and friends will pick up on that and start pushing for NAT instead of IPv6...

There are only 65536 port numbers, so there is only so thin that you can spread a single IP address. Remember that some clients open many ports. There are also questions of reuse; you can't simply cram the 65536 space close to full. When a TCP connection terminates, you don't want to start reusing the port number right away. It's tricky.

People are not going to be happy to be NAT ed. Will large scale NAT also come with large scale port forwarding? Large scale UPnP? What do you do about port number abuses?

Dynamic DNS goes out the window. People can't have a quasi static IP any more with their own port 80, port 22, port 25 mail server or whatever.

If I were to be NATed, I would not want to pay more than 5 dollars a month for such a crippled connection, regardless of bandwidth. So you will automatically have to sell the service to ten subscribers like me instead of just one to make the same revenue.

As long as I can get non-NAT-ted service somewhere, than that is where I will be.

NAT == CRIPPLED_INTERNET. Impose that next door. Next city. Next country. NIMBY: not in my backyard.

And remember that if EVERYONE is NATted, then nobody can talk to anyone. Because you have to connect somewhere to use the Internet. That means resolving DNS to some IP address.

To reach a DNS server you need an IP address. So the DNS server can't be NATed. That DNS server has to hand you the IP address of a host such as a web server. Are all web servers going to be NAT ed? That means they can't be all on port 80 any more. You are looking at redirects! There will have to be a port 80 service sitting on those NAT nodes, which will intercept web traffic, parse the HTTP request and forward to the appropriate node behind the NAT.

Or else DNS will have to be re-architected so that it returns not only IP's but port numbers, so when you go to www.somewhere.com, it resolves to x.y.z.w:n, and the host x.y.z.w has port n forwarded to the right server.

"There are only 65536 port numbers, so there is only so thin that you can spread a single IP address."

But who says they have to do a one-to-many NAT? Why not have a pool of public addresses available for NAT. Say, 1 IP per every 50 customers, or even 1 per 25 customers? The point isn't necessarily that an ISP has to drop down to a single IP address for serving every single customer - but that instead of assigning 1 public IP per household/customer, they can get away with spreading it *thinner*.

But 99% of the people might not notice. They could give 99% of their customers NAT'ed service, and when someone calls and complains, apologize, and offer them a unique public ip for $500 extra per month, or if they upgrade to a "business class line" that permits them to have a dedicated static, addressable IP.

We have 3.7bn IPV4 addresses. That won't even cover 1 device per person, before even taking into account losses due to subnetting. The population is growing exponentially, and we should probably plan on the number of IP enabled devices growing even faster than that (higher number of devices per person).

NAT, large scale or otherwise is only a band-aid delaying the inevitable.

Its a horrible hack that breaks many protocols and causes all sorts of problems when you want to (say) join two previously priva

The other side of big NATs is that they could make IPv6 unnecessary. With big NATs everybody could have private IPv4 space with the public IPv4 space being used to connect the private spaces.

Protocols that don't like NATs are protocols that violate the principle of independence of protocol layers. Things like SIP and FTP are hard to NAT because they carry lower level addresses. Nobody cares about FTP any more but SIP is a security and implementation nightmare that is going to need to be re-designed from

Hah. The only way this will work is if they make an extremely good IPv4/IPv6 NAT gateway. Except, if they make one that does a good job such that people are going IPv4->IPv6->IPv4 and everything basically works, then people will wonder why they don't just do an extremely good IPv4 NAT solution and go IPv4->IPv4 and drop the entire IPv6 part.

In addition to using NAT to conserve IPv4 space it is still being sold as a more secure setup. NAT provides obscurity but not really security. A decent firewall is only going to allow what you configure it to allow. The only benefit I can think of is it may reduce the scope of subnet scans your network is subjected to. Then again, the bots/scripts are scanning em all anyway.

NAT does provide security : it shuts down a large number of attack vectors. It is not comprehensive but there is a significant difference in security profile between a device which is globally addressable vs a device which is only addressable on a local network and/or when it initiates a network link.

A firewall is merely another means to shut down some of those attack vectors. The more unobtrusive security layers you have the better. NAT is perfect for home use and it is what I use. If I want a global IP,

Maybe they can start at the backbones by converting to IPv6 and NAT to the rest of the world. Then, they can implement IPv6 as they reach out and keep pushing the NAT farther and farther out until it's at the ISP level (where hopefully they've been starting to work on their own IPv6 implementation).

What we really should do it have a cut off day, like digital TV, for the switch to IPv6. It worked great for TV!:)

That sounds nice, but in practice you probably wouldn't be able to connect at all. At least one side must have a public IP address for P2P to work (with TCP), or at least be able to open incoming ports with something like UPnP. What do you think the odds are of ISPs letting customers reserve incoming ports? UDP-based NAT traversal may be possible with help from a public server.

Either way, the AAs would still be able to identify individual users via a combination of port and public IP address.

1. Is Comcast going to give me unlimited IPv6 addresses? How will that work through my router? Do I now need to announce every device to Comcast? I REALLY like the fact that I get a single IP address, and I can port forward and use NAT as I like.

2. NAT makes for a pretty good firewall. I have Linux and Mac machines, and consumer devices, behind my current NAT router. With NAT and SPI, I have it pretty good. I really only ever use an outbound firewall to detect phone-home stuff and malware (and with Linux and Mac, surprise, surprise, there's not a lot of the latter).

Hey, I understand the need for IPv6. I guess I just don't want to lose what NAT offers.

ISPs are licking their chops for this. They want to roll out NAT for all default consumer grade ISP connections. It solves problems with scarcity, they profit from scarcity (want public IP? You pay extra for it), and it will jack with routing of P2P data and thus cut down on the leeches. It's a WIN-WIN-WIN for the Telco and cable companies.

If you guys think IP6 will be adopted, just wait till they find huge money in artificial scarcity of IP4 blocks. There will be no where to run and escape it! Unless you pay that premium...

Probably because he doesn't own the infrastructure. The problem is that in the US we heavily subsidized the industry, but didn't require them to really do anything to deserve the money. We didn't require neutrality, we didn't require them to keep building out broad band, or enhance the speeds in urban areas either.

Considering that ultimately they're using public resources to provide a service, I do think they owe us at least something in exchange for making profits using our right of way or airwaves.

So, if money talks, and bullshit walks, then what the fuck are you still doing here?

It isn't his responsibility, this is basically the same problem we've seen in the wireless space, the people who actually control access don't bother to upgrade until the last minute, if even then, and without somewhere else to take your business, it's not a realistic option. I've heard that Comcast has IPv6 around here, but going back to them is a non-starter. They're far worse than the other options.

The ISP in my area was, in fact, created by people who overcome the limitations placed on them. Other ISPs wouldn't run high speed cable internet up to where I live, so a few people formed a cooperative and did it themselves.

As for getting a new ISP, it isn't an option. There aren't any other ones here. Not that there would be a reason to switch - They're the best one around. They're a better ISP than the ISP they lease their backbone line f

Are you stupid? If the public gives them money for something, they most definitely owe us some service. There's no hypocrisy involved. It's basic economics, and it's a situation where the average American is getting fucked from their tax dollars being paid for no value returned.

The problem is that our elected morons didn't set the requirements. They don't not owe us services, they just don't LEGALLY owe us anything. Big difference.

Because there will literally be mountains of eWaste and headaches galore? How many of the home routers sold in the past 5 years even support IPv6? I don't think any of the consumer grade stuff does. That means we will have to replace just about every router in every home or have some sort of IPv6 to IPv4 bridge built into every modem in the country, again not cheap.

Whether we like it or not, there is a reason why IPv4 has lasted so long. It is a mature tech that everyone knows how to fix. IPv6 is gonna be a nightmare for probably 5 or 6 years and it really ain't gonna be fun trying to fix the mess. So yeah, I can see them stretching out IPv4 for as long as humanly possible, simply because the transition costs are gonna be insane.

Because there will literally be mountains of eWaste and headaches galore? How many of the home routers sold in the past 5 years even support IPv6? I don't think any of the consumer grade stuff does. That means we will have to replace just about every router in every home or have some sort of IPv6 to IPv4 bridge built into every modem in the country, again not cheap.

Whether we like it or not, there is a reason why IPv4 has lasted so long. It is a mature tech that everyone knows how to fix. IPv6 is gonna be a nightmare for probably 5 or 6 years and it really ain't gonna be fun trying to fix the mess. So yeah, I can see them stretching out IPv4 for as long as humanly possible, simply because the transition costs are gonna be insane.

You can't get better evidence of the incompetence of government than this. There's a dwindling resource that will run out in just a couple of years, impacts practically every person in every OECD country, yet have you heard of even one government agency, in any country, that is mandating IPv6 for consumer grade gear to force the vendors to solve the problem before it becomes critical? Of course not! That would require foresight and competence. About the only IPv6 push I'm hearing is that for government tenders in the US, IPv6 support is required, but that does nothing to solve the problem of hundreds of millions of home routers that are IPv4 only.

No government on Earth has even bothered to lift a finger to solve a well known, easily predicted problem with a ready and tested solution that would cost the government no money whatsoever (it's just legislation!). Given that, now picture the level of competence you'd get from the same bunch of idiots when tasked with solving much bigger issues like global warming, peak oil, or overpopulation. Issues like that won't be critical for decades, have no obvious solution, and all possible solutions are expected to cost trillions. I can only imagine the level of incompetence that will no doubt ensue...

I don't think my DSL router/modem supports IPv6. It's not a problem. I just run it in bridge mode, and leave the PPPoE support to my PC. (I did this even before enabling 6to4, because the router has ridiculously small NAT tables.) Every existing DSL router should be capable of acting as a simple PPPoA-to-PPPoE bridge.

This may not work for cable router/modems; I've never had the chance to configure one.

If you have the skills to set up IPv6 just for kicks I seriously doubt you are dealing with what we out here in the field run into in most folk's homes, which is CCC, or "Cheap Chinese Crap". Trendnet/Zonenet, linksys, hell pick any under $50 router and see how many updates are sitting there for it on its home page. my guess it'll be like the Trendnet that is looking at me right now, which is zip. And unless things have changed in the less than 6 months I looked at routers there were exactly squat when it c

Mostly because it's expensive, painful, and older versions of most operating systems don't properly support it. No one wants to deal with the dramas before they absolutely have to. That and there's the fact that as far as I can tell the one and only killer feature of IPv6 is a larger address space and having every item have a publicly addressable IP, which isn't a really huge selling point especially when you consider that while IPv4 addresses are easy to remember, IPv6 addresses are not.

The same reason why people are determined to take America back to the 50s. Change is costly and at time you make the wrong call. And ultimately it's scary.

The changes that businesses make tend to be the ones that either improve their profit margins immediately or the things that consumers demand. Ever notice how lately every store has to have air conditioning? It's not because it's profitable per se, it's because if you want to have customers they have to come into the store, and they won't come into you

Add to this how many more NAT workarounds we will need to have in software. We already have to deal with NAT busting solutions, now we will have to deal with double NAT busting solutions. Believe me, NAT was a workaround to a limitation and we shouldn't be using this workaround at any more levels than necessary.

There is only so much duct tape you can use before it is time to just accept you will have to install the new solution.

If IPv6 appears so hard, its because people keep on waiting for someone else to take the plunge. If you are an IT professional, then is should be your business to understand and embrace IPv6, whether that is in your network or in your software. If your issue is with your router not supporting IPv6, then make some noise to your router's manufacturer, install a third-party firmware or go with a company already offering an IPv6 capable router.

p2. The transition to IPv6 is probably going to need some NAT64 and DNS64 magick at some point. Not everybody is going to be well-served by running dual-stack hosts and networks. I've heard that some mobile broadband providers are looking at various kinds of NAT tricks to keep IPv4 marginally functional for legacy applications on IPv6-only networks without resorting to expensive tunnel encapsulation mechanisms.

Have you actually done a count of the number of addressable devices IPv6 provides. There may well

As long as whatever solution is transparent to the application, then that's what will make the most sense. If the applications are intranet only, then they could probably exist in their own IPv4 subnet with little regards for what is happening beyond their island. If they need internet connectivity then, they will probably still be okay for the next few years since existing IPv4 addresses won't vanish, they simply won't be able allocated anymore - I assume such applications will continue speaking to the sam